package com.zzld.modules.sys.action;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.zzld.core.common.config.Global;
import com.zzld.core.common.config.GlobalStatic;
import com.zzld.modules.sys.entity.Login;
import com.zzld.modules.sys.service.ILoginService;

/**
 * 登录
 * @author zzld
 *
 */
@Controller
public class LoginController {

	@Autowired
	private ILoginService loginService;
	
	private String loginPath = "modules/sys/login";
	private String indexPath = "modules/sys/index";
	
	@RequestMapping(value = "${adminPath}")
	public String a(Model model) {
		if (SecurityUtils.getSubject().isAuthenticated()) {
			return indexPath;
		}
		return loginPath;
	}

	@RequestMapping(value = "${adminPath}/login", method = RequestMethod.GET)
	public String login(Model model, HttpServletRequest request)
			throws Exception {
		if (SecurityUtils.getSubject().isAuthenticated()) {
			return "redirect:"+Global.getAdminPath();
		}
		return loginPath;
	}

	@RequestMapping(value = "${adminPath}/login", method = RequestMethod.POST)
	public String loginPost(Login currUser, HttpSession session, Model model,
			HttpServletRequest request) throws Exception {
		Subject user = SecurityUtils.getSubject();
		
		String code = (String) session
				.getAttribute(GlobalStatic.DEFAULT_CAPTCHA_PARAM);
		if (StringUtils.isNotBlank(code)) {
			code = code.toLowerCase().toString();
		}
		String submitCode = WebUtils.getCleanParam(request,
				GlobalStatic.DEFAULT_CAPTCHA_PARAM);
		if (StringUtils.isNotBlank(submitCode)) {
			submitCode = submitCode.toLowerCase().toString();
		}
		if (StringUtils.isBlank(submitCode) || StringUtils.isBlank(code)
				|| !code.equals(submitCode)) {
			model.addAttribute("message", "验证码错误!");
			return loginPath;
		}
		UsernamePasswordToken token = new UsernamePasswordToken(
				currUser.getAccount(), currUser.getPasswd());
		String rememberme = request.getParameter("rememberme");
		if (StringUtils.isNotBlank(rememberme)) {
			token.setRememberMe(true);
		} else {
			token.setRememberMe(false);
		}
		
		try {
			user.login(token);
	
		} catch (UnknownAccountException uae) {
			model.addAttribute("message", "账号不存在!");
			return loginPath;
		} catch (IncorrectCredentialsException ice) {
			model.addAttribute("message", "密码错误!");
			return loginPath;
		} catch (LockedAccountException lae) {
			model.addAttribute("message", "账号被锁定!");
			return loginPath;
		} catch (Exception e) {
			System.out.print(e.getMessage());
			model.addAttribute("message", "未知错误,请联系管理员.");
			return loginPath;
		}
		return "redirect:"+Global.getAdminPath();
	}
	
	/**
	 * 退出
	 * @param request
	 */
	@RequestMapping(value="${adminPath}/logout")
    public void logout(HttpServletRequest request){
        Subject subject = SecurityUtils.getSubject();
       
        if (subject != null) {           
            subject.logout();
        }
    }

}
